42d8ab81fe5714cbbacd28859379567d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42d8ab81fe5714cbbacd28859379567d
Size

36KB
MD5

42d8ab81fe5714cbbacd28859379567d
SHA1

1bfb0c825a338d4eca0289896ac53050908234bc
SHA256

c4d0151a6e2cca9179371994b5e42a3ea5310c92efa0e5ab1f234a7716561399
SHA512

45d157c2e21fcf7ebe4bc7ae417006a6e3501cbd44ca9056be0d1d844c7a81805d55608ae970dc4cdb8f6c344369532721f29eaf78cdf9db7256945e4b06a9e4
SSDEEP

384:fs9D3xRPJ/8C3BsD8Es3WKWzu4BXgeT/OSbORdnBI:E9D3xhGvDaWKvhIQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42d8ab81fe5714cbbacd28859379567d

Files

42d8ab81fe5714cbbacd28859379567d
.exe windows:4 windows x86 arch:x86

3852b6d92e33b96859307010c437225f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

EVENT_SINK_GetIDsOfNames
MethCallEngine
EVENT_SINK_Invoke
ord516
ord518
Zombie_GetTypeInfo
ord593
ord594
ord598
ord520
ord632
EVENT_SINK_AddRef
ord561
DllFunctionCall
Zombie_GetTypeInfoCount
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord607
ord608
ord717
ord319
ord573
ord100
ord320
ord321
ord617
ord619

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ